Chamilo Lms
CVE-2025-59544
MEDIUM
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Lifecycle Timeline
2DescriptionGitHub Advisory
Chamilo is a learning management system. Prior to version 1.11.34, the functionality for the user to update the category does not implement authorization checks for the "category_id" parameter which allows users to update the category of any user by replacing the "category_id" parameter. This issue has been patched in version 1.11.34.
AnalysisAI
Chamilo is a learning management system. Prior to version 1.11.34, the functionality for the user to update the category does not implement authorization checks for the "category_id" parameter which allows users to update the category of any user by replacing the "category_id" parameter. [CVSS 4.3 MEDIUM]
Technical ContextAI
Classified as CWE-862 (Missing Authorization). Affects Chamilo Lms. Chamilo is a learning management system. Prior to version 1.11.34, the functionality for the user to update the category does not implement authorization checks for the "category_id" parameter which allows users to update the category of any user by replacing the "category_id" parameter. This issue has been patched in version 1.11.34.
RemediationAI
Fixed in version 1.11.34.. Restrict network access to the affected service where possible.
More in Chamilo Lms
View allChamilo LMS prior to 1.11.28 has a code injection through SOAP request parameters enabling remote code execution.
Chamilo LMS prior to 1.11.30 has a time-based SQL injection in a different endpoint, providing an additional database ex
Chamilo LMS prior to 1.11.30 has an error-based SQL injection enabling database extraction.
Chamilo LMS v1.11.x was discovered to contain a SQL injection via the doc parameter in main/plagiarism/compilatio/upload
Chamilo LMS 1.11.8 and 2.x allows remote code execution through an lp_upload.php unauthenticated file upload feature. Ra
Chamilo LMS prior to 1.11.30 has a blind SSRF vulnerability enabling internal network reconnaissance from the learning p
Unrestricted file upload in big file upload functionality in `/main/inc/lib/javascript/bigupload/inc/bigUpload.php` in C
Chamilo is a learning management system. [CVSS 8.8 HIGH]
Chamilo is a learning management system. Prior to version 1.11.30, an input validation vulnerability exists when importi
Chamilo LMS 1.11.26 is vulnerable to Incorrect Access Control via main/auth/profile. Rated high severity (CVSS 8.8), thi
Unrestricted file upload in `/main/inc/ajax/work.ajax.php` in Chamilo LMS <= v1.11.24 allows authenticated attackers wit
Unrestricted file upload in `/main/inc/ajax/exercise.ajax.php` in Chamilo LMS <= v1.11.24 allows authenticated attackers
Same weakness CWE-862 – Missing Authorization
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today